Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mNy33f67VVxwY0YZABsnj_XASYk.roa
File: mNy33f67VVxwY0YZABsnj_XASYk.roa (raw, json)
Hash identifier: Slbdul4VPG+PlYOKszy1r3hgGGbksnGhdnHaQ1UVP7w=
Subject key identifier: 98:DC:B7:DD:FE:BB:55:5C:70:63:46:19:00:1B:27:8F:F5:C0:49:89
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01943BEE48ED05B893018C2E8D4179E8F049
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mNy33f67VVxwY0YZABsnj_XASYk.roa
Signing time: Mon 06 Jan 2025 14:04:19 +0000
ROA not before: Mon 06 Jan 2025 14:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 193.124.227.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 21:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:ee:48:ed:05:b8:93:01:8c:2e:8d:41:79:e8:f0:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 6 14:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98dcb7ddfebb555c70634619001b278ff5c04989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c6:63:77:13:23:c8:12:c5:e3:a0:90:58:6c:
3a:d7:66:fb:d2:3d:59:71:2b:c2:2f:d2:40:ee:38:
78:7d:68:3b:91:a2:f8:14:e0:8f:a2:27:9c:9d:7a:
f3:1c:a3:45:a3:1a:9d:59:4d:58:29:16:ec:2c:aa:
fa:ba:3d:4e:2c:56:d8:e0:95:a1:75:e6:26:6f:ca:
09:24:d7:c5:9c:9a:d9:b5:ed:b8:98:fd:aa:07:41:
4d:15:63:50:3e:71:67:c9:57:37:ef:7a:44:0d:21:
0b:2b:8c:f7:ef:37:05:0e:f1:df:b2:d5:12:59:93:
32:f5:13:4e:ee:fc:1d:29:bd:29:96:89:a0:cf:84:
c9:dc:0c:67:8b:17:4a:9c:ca:73:53:30:9f:c3:dc:
ab:80:fd:e5:a1:5e:3f:0d:4f:43:ea:51:a2:b2:67:
61:82:6d:61:12:89:89:b2:df:ae:06:91:c4:03:78:
32:7f:23:3a:72:0e:34:72:e0:7b:11:47:00:63:2a:
84:42:39:e1:9e:b8:35:91:43:6b:76:47:50:cc:35:
a7:17:04:81:cd:6a:0a:57:a2:2e:a3:80:aa:5b:d6:
fd:1d:6b:2f:4f:9a:ea:67:aa:f3:1d:f2:b3:cc:cb:
3f:6d:79:3f:d1:44:dc:c0:67:d5:7a:d9:e6:0a:96:
c6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DC:B7:DD:FE:BB:55:5C:70:63:46:19:00:1B:27:8F:F5:C0:49:89
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mNy33f67VVxwY0YZABsnj_XASYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.53.0/24
195.133.55.0/24
212.192.247.0/24
Signature Algorithm: sha256WithRSAEncryption
33:cf:71:ad:4b:75:e2:48:00:44:27:31:8a:e5:3c:09:dc:ff:
41:c8:6c:8f:e5:d5:d1:c0:f5:51:7e:3d:b8:82:05:25:f6:c7:
2a:e1:dd:34:8e:0c:b1:67:3d:68:e8:a3:28:82:36:68:32:8d:
ae:2b:2d:29:48:14:7b:bd:2d:e4:26:05:dc:c3:48:30:a4:b9:
55:24:26:8b:eb:f0:76:0d:55:57:b5:ec:e1:0f:e5:47:03:87:
66:d1:50:6f:20:d8:77:aa:59:21:2b:2f:b0:e1:6c:34:e5:de:
47:e7:27:64:26:3c:a9:c0:8c:d8:25:48:50:30:3a:4a:18:c7:
18:2b:47:f5:08:12:a9:4c:20:e0:ff:38:71:fe:b9:92:aa:e2:
5b:d0:a9:b9:2e:1f:cb:7e:17:2c:fc:0f:ff:ec:52:fd:6f:83:
2f:2f:ab:07:6c:e7:09:36:22:86:f0:e3:e0:74:e6:42:3a:32:
39:59:d6:15:da:35:1c:4b:47:37:a2:e0:fa:a4:57:b0:46:59:
74:25:55:c9:c3:a0:98:26:0d:e1:a0:9c:65:ee:a3:4e:19:0a:
c2:f1:b5:5f:4e:45:b4:27:92:75:02:48:8d:92:bc:0a:f1:69:
79:e2:50:b6:72:ee:41:7f:a4:07:6e:e2:2c:94:f7:6a:ae:27:
fa:ba:bc:99
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQ77kjtBbiTAYwujUF56PBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTA2MTQwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRjYjdkZGZlYmI1NTVjNzA2MzQ2MTkwMDFiMjc4ZmY1YzA0OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcZjdxMjyBLF46CQWGw612b70j1Z
cSvCL9JA7jh4fWg7kaL4FOCPoiecnXrzHKNFoxqdWU1YKRbsLKr6uj1OLFbY4JWh
deYmb8oJJNfFnJrZte24mP2qB0FNFWNQPnFnyVc373pEDSELK4z37zcFDvHfstUS
WZMy9RNO7vwdKb0plomgz4TJ3AxnixdKnMpzUzCfw9yrgP3loV4/DU9D6lGismdh
gm1hEomJst+uBpHEA3gyfyM6cg40cuB7EUcAYyqEQjnhnrg1kUNrdkdQzDWnFwSB
zWoKV6Iuo4CqW9b9HWsvT5rqZ6rzHfKzzMs/bXk/0UTcwGfVetnmCpbGnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJjct93+u1VccGNGGQAbJ4/1wEmJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbU55MzNmNjdWVnh3WTBZWkFCc25qX1hBU1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzjAwQA
wlc1AwQAw4U3AwQA1MD3MA0GCSqGSIb3DQEBCwUAA4IBAQAzz3GtS3XiSABEJzGK
5TwJ3P9ByGyP5dXRwPVRfj24ggUl9scq4d00jgyxZz1o6KMogjZoMo2uKy0pSBR7
vS3kJgXcw0gwpLlVJCaL6/B2DVVXtezhD+VHA4dm0VBvINh3qlkhKy+w4Ww05d5H
5ydkJjypwIzYJUhQMDpKGMcYK0f1CBKpTCDg/zhx/rmSquJb0Km5Lh/Lfhcs/A//
7FL9b4MvL6sHbOcJNiKG8OPgdOZCOjI5WdYV2jUcS0c3ouD6pFewRll0JVXJw6CY
Jg3hoJxl7qNOGQrC8bVfTkW0J5J1AkiNkrwK8Wl54lC2cu5Bf6QHbuIslPdqrif6
uryZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:39:31 2025 by rpki-client